CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33530
https://notcve.org/view.php?id=CVE-2023-33530
There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges. • http://tenda.com https://github.com/D2y6p/CVE/blob/main/tenda/CVE-2023-33530/RCE2/tenda_G103_RCE_2.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27076
https://notcve.org/view.php?id=CVE-2023-27076
Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter. • https://github.com/B2eFly/Router/blob/main/Tenda/G103/1.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 1CVE-2023-27079
https://notcve.org/view.php?id=CVE-2023-27079
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted package • https://github.com/B2eFly/Router/blob/main/Tenda/G103/2.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •